htdig: looping with lots of / in URL


Tomaz Borstnar (tomaz.borstnar@over.net)
Sat, 11 Jul 1998 20:40:15 +0200


Hello!

        I found an interesting bug in 3.08b2 which is a nice way for denial of
service. This is from the web server's logfile:

193.189.160.250 - - [11/Jul/1998:20:30:43 +0200] "GET /si//////si/ris98.html HTTP/1.0" 404 174 "http://www.ris.org/si//////deloris.html" "htdig/3.0.8b2 (andrew@contigo.com)"
193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////si/ris98.html/ HTTP/1.0" 404 175 "http://www.ris.org/si//////deloris.html" "htdig/3.0.8b2 (andrew@contigo.com)"
193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////si/faq.html HTTP/1.0" 404 172 "http://www.ris.org/si//////deloris.html" "htdig/3.0.8b2 (andrew@contigo.com)"
193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////si/faq.html/ HTTP/1.0" 404 173 "http://www.ris.org/si//////deloris.html" "htdig/3.0.8b2 (andrew@contigo.com)"
193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////www98.html HTTP/1.0" 404 171 "http://www.ris.org/si//////deloris.html" "htdig/3.0.8b2 (andrew@contigo.com)"
193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////www98.html/ HTTP/1.0" 404 172 "http://www.ris.org/si//////deloris.html" "htdig/3.0.8b2 (andrew@contigo.com)"

See lots of / in path? They just keep growing and filling things. Looks
like some bad URL in HTML made htdig loop.

Was this fixed in some patch already?

Thanks in advance.

        Tomaz

p.s.
Thanks to Andrew for the nice software.
----
Tomaz Borstnar <tomaz.borstnar@over.net>
"Love is the answer to the final question you ask" - Unknown
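
Added example (not part of the original message, and not ht://Dig code): a server-side check that scans combined-format access log lines for the pattern shown in the log above, i.e. one client and user agent repeatedly requesting paths that contain runs of slashes. The function names, the min_hits threshold and the 192.0.2.10 line are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: client, timestamp, request line, status, size, referer, agent
LOG_RE = re.compile(
    r'(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)
SLASH_RUN = re.compile(r'/{2,}')  # two or more consecutive slashes

def normalize(path):
    """Collapse slash runs and drop a trailing slash so variants compare equal."""
    return SLASH_RUN.sub('/', path).rstrip('/') or '/'

def find_slash_loops(lines, min_hits=3):
    """Return {(client, agent): stats} for clients with >= min_hits slash-run requests."""
    stats = defaultdict(lambda: {"hits": 0, "not_found": 0, "max_run": 0, "paths": set()})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        runs = SLASH_RUN.findall(m["path"])
        if not runs:
            continue  # ordinary path, nothing to count
        s = stats[(m["client"], m["agent"])]
        s["hits"] += 1
        s["not_found"] += int(m["status"] == "404")
        s["max_run"] = max(s["max_run"], max(len(r) for r in runs))
        s["paths"].add(normalize(m["path"]))
    return {k: v for k, v in stats.items() if v["hits"] >= min_hits}

# Sample input: three requests from the log above, plus one constructed ordinary request.
UA = "htdig/3.0.8b2 (andrew@contigo.com)"
REF = "http://www.ris.org/si//////deloris.html"
SAMPLE = [
    f'193.189.160.250 - - [11/Jul/1998:20:30:43 +0200] "GET /si//////si/ris98.html HTTP/1.0" 404 174 "{REF}" "{UA}"',
    f'193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////si/ris98.html/ HTTP/1.0" 404 175 "{REF}" "{UA}"',
    f'193.189.160.250 - - [11/Jul/1998:20:30:44 +0200] "GET /si//////si/faq.html HTTP/1.0" 404 172 "{REF}" "{UA}"',
    '192.0.2.10 - - [11/Jul/1998:20:31:02 +0200] "GET /si/index.html HTTP/1.0" 200 512 "-" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for (client, agent), s in find_slash_loops(SAMPLE).items():
        print(client, agent, s["hits"], s["not_found"], s["max_run"], sorted(s["paths"]))
```

The normalized path set shows how few distinct documents sit behind the requests; a hit count that keeps rising while that set stays small is the signature of a crawler stuck on one malformed link.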
This archive was generated by hypermail 2.0b3 on Sat Jan 02 1999 - 16:26:52 PST